Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +3 more
A memory leak vulnerability has been identified in the Linux kernel's HID Asus driver, specifically within the asus_report_fixup() function. This function improperly returns a pointer to a newly allocated buffer without freeing it, leading to a memory leak. The vulnerability affects several versions of the Linux kernel.
The leaked memory increases memory usage over time and can potentially lead to a denial-of-service condition.
The vulnerability can be reproduced by using a device that requires the HID Asus driver. When the asus_report_fixup() function is called, it will return a pointer to a buffer that has been allocated with kmemdup(), but this buffer is never freed. This behavior can be observed by monitoring the system's memory usage, which will increase over time as the leaked memory accumulates.
The vulnerability has been addressed by modifying the asus_report_fixup() function to use devm_kzalloc() instead of kmemdup(). This change ensures that the allocated memory is automatically managed and freed when the device is removed. Users can apply the latest patches available in the Linux kernel stable tree to mitigate this vulnerability.
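A userspace model of the leak and of the device-managed fix described above, added here as an illustration; it is not the kernel patch or any project code. Assumptions: malloc()/calloc() stand in for kmemdup()/devm_kzalloc(), and struct device, fixup_unmanaged, fixup_managed, device_release and leaked_after_cycles are hypothetical names.

```c
/* Userspace model (constructed): malloc()/calloc() stand in for kmemdup()/devm_kzalloc(). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
static int live_allocs;  /* buffers handed out by a fixup and never released */
struct devres { struct devres *next; unsigned char data[]; };
struct device { struct devres *resources; };  /* hypothetical stand-in, not the kernel struct */

/* "Before": duplicate the descriptor and return it; nothing owns the copy. */
static unsigned char *fixup_unmanaged(const unsigned char *rdesc, size_t len) {
    unsigned char *copy = malloc(len);
    if (!copy) return NULL;
    memcpy(copy, rdesc, len);
    live_allocs++;
    return copy;
}

/* "After": zeroed buffer recorded on the device, so removal releases it. */
static unsigned char *fixup_managed(struct device *dev, const unsigned char *rdesc, size_t len) {
    struct devres *dr = calloc(1, sizeof(*dr) + len);
    if (!dr) return NULL;
    dr->next = dev->resources;
    dev->resources = dr;
    memcpy(dr->data, rdesc, len);
    live_allocs++;
    return dr->data;
}

static void device_release(struct device *dev) {  /* removal: free every recorded buffer */
    while (dev->resources) {
        struct devres *dr = dev->resources;
        dev->resources = dr->next;
        free(dr);
        live_allocs--;
    }
}

/* Run n bind/fixup/remove cycles; return how many buffers were never released. */
static int leaked_after_cycles(int n, int managed) {
    static const unsigned char rdesc[] = { 0x05, 0x01, 0x09, 0x06, 0xa1, 0x01, 0xc0 }; /* constructed */
    live_allocs = 0;
    for (int i = 0; i < n; i++) {
        struct device dev = { NULL };
        unsigned char *p = managed ? fixup_managed(&dev, rdesc, sizeof(rdesc)) : fixup_unmanaged(rdesc, sizeof(rdesc));
        device_release(&dev);
        if (!managed) free(p);  /* keeps the demo clean; the modelled path has no such free */
    }
    return live_allocs;
}
int main(void) { printf("unmanaged: %d, managed: %d\n", leaked_after_cycles(100, 0), leaked_after_cycles(100, 1)); return 0; }
```

The counter grows by one per cycle in the unmanaged variant and returns to zero in the managed one, which is the difference between the two allocation strategies the advisory names.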